Skip to content

v1.3.1 — Security fixes, bug fixes, landing page redesign

Choose a tag to compare

View all tags
@simongonzalezdc simongonzalezdc released this 03 May 16:37
· 217 commits to master since this release
v1.3.1
91005fd
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

v1.3.1 — Security Fixes, Bug Fixes, Landing Page Redesign

Security

  • Command injection fix — vectors file path validated as absolute in engine_stabilize.py
  • SSL certificate verification enabled for AI model downloads in ai_engine/upscale.py
  • Path redaction in error messages — no more full filesystem paths leaked

Fixed

  • Proper AI operation timeout (3600s) for demucs/whisper — no more premature kills on long videos
  • FFmpeg stderr buffer increased from 1MB → 10MB — fixes truncated progress on long-running ops
  • Temp file leak fixed in typewriter text effect
  • Pitch shift semitones range validation (-48 to +48)
  • Pixel count cap in color extraction (50K max) — prevents memory exhaustion
  • Whisper temp WAV file cleanup with try-finally
  • Bitrate/size range validation in probe
  • 1MB JSON size limit in CLI argument parser
  • Thread-safe probe cache with threading.Lock
  • Centralized all timeout constants in limits.py

Changed

  • Tool count standardized to 87 MCP tools across all docs and metadata
  • Duplicate Hyperframes section removed from README
  • video_cleanup tool documented in TOOLS.md
  • Shipped v1.3.0 features marked complete in ROADMAP.md
  • Landing page redesigned: Space Grotesk + DM Sans, orange/teal palette, fixed mobile menu, accessibility improvements

Install

uv pip install mcp-video==1.3.1
# or
pip install mcp-video==1.3.1

Full Changelog: v1.3.0...v1.3.1

Assets 2
Loading